Microsoft Says Only Legit Owners Get Fixes

from the and-so-it-goes... dept

While it's been rumored in the past and they've tried to imply it was required even when it wasn't, Microsoft is now going to start enforcing the rule that anyone downloading security updates must first prove they have a legit copy of Windows. The reasoning certainly makes some sense, and they have a legitimate claim in doing this. Why should Microsoft patch systems for those who haven't paid for it? However, the damage done by unpatched systems could outweigh the benefit of moving people to authorized copies. In fact, for people who are unlikely to buy Microsoft products at that time, this actually gives them even more incentive to investigate alternatives, rather than keeping them on the Microsoft platform, should they later be in a position to purchase. Also, it seems like this actually puts the wrong incentive on Microsoft. In this case, they should want to release buggy software with security holes to really screw over those who pirate it and can't patch it. The reality, of course, is that there will be unauthorized copies of patches as well -- so the folks who are really serious about getting illegal copies will continue to do so. However, those of us with legitimate copies that we paid for will need to prove ourselves every time Microsoft fixes one of its own problems. That doesn't seem particularly customer friendly. Update: As pointed out in the comments, this might be even stranger... unauthorized installations can still get the security patches if they turn on the "automatic update" feature -- at which point you have to wonder why this new policy matters at all?

Reader Comments

Not Quite

The way I read the story, only people who manually download patches have to verify their copies of Windows. The story states that everybody will still be able to get patches if they have automatic updates turned on.

Microsoft will continue to allow all people to get Windows updates by turning on the Automatic Update feature within Windows. By doing so, Microsoft hopes it has struck a balance between promoting security and ensuring that people buy genuine versions of Windows.

Re: Not Quite

What about this scenario? One day, Microsoft decides it's had enough of fencing with the pirates, and automatically destroys their copy of Windows via the Automatic Update feature which they've had to turn on in order to receive regular patches... Perhaps somebody who's familiar with the applicable laws can comment on whether Microsoft would be entitled to disable "known stolen" software that it has never been compensated for.

Turning Off Software

I remember one case where a company that made some sort of business software didn't get paid for that software. They had built the capability to remotely disable the software into the system, so they turned it off for that customer. That customer sued them.

I just did a quick Google and found that case was Revlon vs. Logisticon. Unfortunately, it was settled out of court and the settlement wasn't made public. (One more reason I think the results of lawsuits should have to be disclosed publicly. If the lawsuit is on the public record, any settlement should also be.)

UCITA would have allowed this practice, but I don't think it became law unless some states passed it. You can see InfoWorld for a discussion of that and a reference to the Logisticon suit.

Turn off Windows

Didn't Microsoft already do the turn off (sort of) for some Office versions? I heard that if you do not register your version of Office within 120 days, it ceases to function. Maybe they tried it and stopped, I don't know. I see no problem from a software maker point of view, making software that stops functioning if it is not registered properly. I think other companies do this now. Why should a software maker give updates to people that stole their software? Should we be mad just because everybody regards Microsft as evil...

I H8 C/R

I have a media-workstation that I keep offline at home. I had to authorize XP a few months ago, and it was a total bitch to do it offline via their phone service, a half hour of speaking to a computer, trying to get it to understand the word "three". Now I'm going to have to do this with my updates as well? unbelievable. I miss the days of simple serial copy protection.

Microsoft is not generous

The reason Microsoft isn't going to stop their automatic updates service from working at this time is because they don't have that service software send Microsoft the authentication information needed, especially after all the noise years ago about privacy when using the updates web site manually.

But if it bothers them enough they could use Automatic Updates later to quietly 'enhance' the update client itself along with some critical update, then months later start refusing updates when the client doesn't send a valid response.

Just blocking human visits to the web site (like for newer media players, DirectX, etc.) could have one larges desired effect: Alert people who have counterfeit installs of Windows and don't even know it. Supposedly this is rampant in less wealthy nations, and this move could pressure the crooked computer/software dealers.